Skip to main content
News

Weekly Security Wrap-Up (February 15th, 2022)

  • February 15, 2022
  • 0 replies
  • 55 views

Happy Tuesday, folks! This week we’ll bite the bullet and finally have to discuss Russia vs. Ukraine, as some new things have like, come to light, man. But first...I refuse to be denied the opportunity to type “squirrelwaffle” on the internet, so let’s start there: 

Squirrelwaffle, Microsoft Exchange Server vulnerabilities exploited for financial fraud

Financial fraud is [almost] never a laughing matter, and leaving servers unpatched for years is even worse, and this story has both. “Squirrelwaffle” is basically just a malicious document (“MalDoc”) that gets downloaded and runs a script that just downloads payloads in a loop. From the article, “The combination of Squirrelwaffle, ProxyLogon, and ProxyShell against Microsoft Exchange Servers is being used to conduct financial fraud through email hijacking.” IF ONLY THERE WERE SOME WAY TO AUTOMATE PATCHING.

 

Ukrainian military agencies, banks hit by DDoS attacks, defacements

Welp...here it comes. From the article: “Starting from the afternoon of February 15, 2022, there is a powerful DDOS attack on a number of information resources of Ukraine," Ukraine's State Service for Special Communication and Information Protection.”

 

Ah, jeez..

 

How helpful was this post to you?

0 replies

Be the first to reply!

Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings